Rogue Pharma, Fake AV Vendors Feel Credit Card Crunch
New research suggests that companies behind some of America's best known consumer brands may be far more effective at fighting cybercrime than any efforts to enact more stringent computer security and anti-piracy laws.
Recent legislative proposals in the United States, such as the Stop Online Piracy Act, have sought to combat online trafficking in copyrighted intellectual property and counterfeit goods by granting Internet service providers and authorities broader powers to prosecute offenders, and by imposing stronger criminal penalties for such activity. But recent data collected by academic researchers suggests that brand holders already have the tools to quash much of this activity.
Over the past two years, a team of academic researchers made hundreds of "test buys" at Web sites from 40 different shady businesses peddling knockoff prescription drugs, counterfeit software and fake antivirus products. The researchers, from George Mason University, the International Computer Science Institute, and the University of California, San Diego, posed as buyers for these products, which tend to be promoted primarily via hacked Web sites, junk email and computer viruses.
The test buys were intended to reveal relationships between the shadowy merchants and the banks that process credit and debit card transactions for these businesses. Following the money trail showed that a majority of the purchases were processed by just 12 banks in a handful of countries, including Azerbaijan, China, Georgia, Latvia, and Mauritius.
Continued : http://krebsonsecurity.com/2012/10/rogue-pharma-fake-av-vendors-feel-credit-card-crunch/
Research Shows Serious Problems With Android App SSL..
There are thousands of apps in the Google Play mobile market that contain serious mistakes in the way that SSL/TLS is implemented, leaving them vulnerable to man-in-the-middle attacks that could compromise sensitive user data such as banking credentials, credit card numbers and other information. Researchers from a pair of German universities conducted a detailed analysis of thousands of Android apps and found that better than 15 percent of those apps had weak or bad SSL implementations.
The researchers conducted a detailed study of 13,500 of the more popular free apps on Google Play, the official Android app store, looking at the SSL/TLS implementations in them and trying to determine how complete and effective those implementations are. What they found is that more than 1,000 of the apps have serious problems with their SSL implementations that make them vulnerable to MITM attacks, a common technique used by attackers to intercept wireless data traffic. In its research, the team was able to intercept sensitive user data from these apps, including credit card numbers, bank account information, PayPal credentials and social network credentials.
The team also built a proof-of-concept tool called MalloDroid that was designed to find the potentially exploitable SSL bugs in Android apps, which they then investigated further to determine whether an attack was in fact possible. In a lot of cases--1,074, to be exact--it was.
Continued : https://threatpost.com/en_us/blogs/research-shows-serious-problems-android-app-ssl-implementations-101912
Warning: Three emails you don't want to see in your Inbox
Here are three emails you don't want to see in your inbox today.
Although the emails may claim to have been sent by the likes of LinkedIn, YouTube and Google the truth is that the headers are forged, and the emails have been specially crafted to look like legitimate communications from online firms.
Clicking on the links could send your computer to Canadian pharmacy-like spam sites offering to sell you Viagra, or even webpages hosting malicious payloads.
Always be careful about clicking on links in unsolicited emails. Hover over links with your mouse to tell where they're really going before clicking, and keep your anti-virus and anti-spam protection updated.
Continued : http://nakedsecurity.sophos.com/2012/10/19/warning-email/
Keep Your Children Safe Online
TrendLabs Malware Blog:
It's a parent's responsibility to ensure that wherever their children are, they remain safe, happy and secure. The Internet, in this respect, is no different than any other playground in the park or at school. It looks harmless, even magical at first glance, but could result in some spills and tears if kids are left unsupervised around it.
Instead of bruises and cuts, however, your child may be exposed to inappropriate content, online bullying, or malware. One most recent example is the rogue version of the famous Bad Piggies game app, which lures in victims with the promise of a free version of the game. These and other threats are the troubles you will have to make sure your child steers clear away from.
It's with this in mind that we've created an e-guide that should help parents with the task of introducing their children to the world of the Internet. In this document, we've assembled handy, easy-to-remember tips on responsible browsing, downloading and exemplary internet etiquette, both on desktop and on mobiles. We give ample advice on what to look out for and what limits to set without making the parent seem overbearing on their child's online activities. We also provide a list of what sites to recommend to your child, in order to ease them into what material they should expect and look for.
Responsible, reasonable netizens aren't born - they're made, and it all begins with their parent guiding them.
You can read the e-guide here. For more information about this topic, visit the Trend Micro Internet Safety For Kids blog here.
Illegal content on YouTube? Beware spammed-out malware ..
Internet users are being warned about a malware attack that has been spammed out widely, posing as a communication from YouTube about copyrighted video content.
The emails, which have the subject line "Your video may have illegal content", pretend to come from Google's YouTube team.
Here's an example:
Subject: Your video may have illegal content
Attached file: Content_ID755658_Matches.zip
Your video may have content that is owned or licensed by Music Publishing Rights Collecting Society.
No action is required on your part; however, if you are interested in learning how this affects your video, please open attached file with Content ID Matches section of your account for more information.
- The YouTube Team
The attached ZIP file, however, contains the Troj/Agent-XXC Trojan horse.
Sophos anti-virus products have been capable of detecting the malware since September 25th - but users of products from other vendors may not be as well protected.
Always be suspicious of unsolicited emails - and don't rush to click on unexpected attachments.
42% of lost mobiles have no security in place to protect data, says report
If the UK is any indication, we're letting our precious mobile devices drop from our bags and pockets, scattering our unprotected data throughout the land at an alarming rate.
Surveying 1,008 UK consumers between the ages of 16 and 64, Sophos found that 42 percent of devices that were lost or left in insecure locations had no active security measures to protect data.
More findings from the survey, which was part of a wider awareness campaign regarding mobile device security:
• 20% of lost devices had access to work email, potentially exposing confidential corporate information.
• 20% contained sensitive personal information such as national insurance numbers, addresses and dates of birth.
• Over 10% contained payment information such as credit card numbers and PINs.
• 35% had access to social networking accounts via apps or web browser-stored cookies.
Sophos's James Lyne notes that the lack of awareness around data security among the general public is inevitably going to lead to BYOD-induced holes poked into corporate security:
Continued : http://nakedsecurity.sophos.com/2012/10/19/lost-mobiles-no-security/
HSBC banking websites recover from DoS attack
Major bank HSBC's websites are now all back online, following a denial-of-service (DoS) attack that left customers locked out of their account for nearly 10 hours.
People first began reporting problems accessing us.hsbc.co.uk, hsbc.co.uk and offshore.hsbc.com on Twitter on Thursday at around 5:45pm in the UK, saying they were unable to log in and use the services.
Others said they could not get to First Direct's website. First Direct, which does online and telephone banking only, is part of the HSBC group of companies.
On Friday, HSBC said its sites around the world were now back online.
"All HSBC websites have been available since 3am UK time. Thank you for your patience," the bank said in a post to its Twitter account on Friday morning.
According to the bank, its customers' personal details were not compromised in the attack, which disrupted online services but did not affect the other services such as the use of credit cards, debit cards or cash machines.
Continued : http://www.zdnet.com/uk/hsbc-banking-websites-recover-from-dos-attack-7000006063/
GitHub and HSBC hit by DDoS attacks
HSBC websites fell in DDoS attack last night, bank admits
HSBC recovers from DDoS attack, after internet banking services disrupted
New Virus FakeLookout.A Discovered by TrustGo Security Labs
From the TrustGo Security Labs Blog:
On Oct 17th 2012, TrustGo Security Labs uncovered a new malware on Google Play, named Trojan!FakeLookout.A.
This malware hides itself in the full Application List after installation. It only shows up in the Downloaded app list where it uses Lookout's icon and the name "Updates".
This malware can receive and execute commands from remote server. Server address: hxxp://[hidden]press.com/controls.php
According to remote server's commands, the malware can steal user's SMS messages and MMS messages and upload them to remote server via secure FTP. It will also upload the complete file list from the user's SD card to the remote server. Then remote server will control the malware to upload specific files. This is a severe threat to user's privacy and sensitive data.
TrustGo Security Labs successfully accessed the FTP server and discovered uploaded files from some victims. The following is the root directory of the FTP server.
Continued : http://blog.trustgo.com/fakelookout/
BBC Watchdog crew sink teeth into dodgy PC repair shops
The reputation of the UK's computer repair industry took another hammering last week following a BBC Watchdog investigation into two Worcestershire-based computer repair firms.
The flagship consumer affairs programme looked into Click 4 PC and Click Computers in response to reports from viewers about missing personal data, botched repairs and a computer being held to ransom. The subsequent investigation into Click 4 PC exposed dubious practices including false diagnosis of faults, alleged supply of illegal software and passing off used equipment as being new.
During secret filming of a PC repair callout to Click 4 PC, the customer was supplied with a second-hand hard drive containing other people's data, after agreeing to pay for a new replacement drive. The diagnosis that the hard drive had failed was incorrect yet the victim was charged £200 for the supply of a second-hand hard drive.
Data on the hard drive appeared to have originated from a residential care home for young adults that contained medical records. BBC investigators returned the data to the relevant care home.
The Watchdog investigation also had an undercover reporter look for a job with Click Computers of Birmingham as a field repair engineer. The show reveals the reporter being told it was a sales job, and schooled on various hard sales techniques - including being told to charge a minimum of £120. The consumer interests' show also revealed that Click Computers had used false addresses all over the UK in order to make the claim that it had local offices throughout Britain.
Continued : http://www.channelregister.co.uk/2012/10/18/pc_repairs_watchdog_probe/
Kosovo Group Claims Hack of US Weather Service
The US National Weather Service computer network was hacked this week, with a group from Kosovo claiming credit and posting sensitive data, security experts said Friday.
Data released by the Kosovo Hackers Security group includes directory structures, sensitive files of the Web server and other data that could enable later access, according to Chrysostomos Daniel of the security firm Acunetix.
"The hacker group stated that the attack is a protest against the US policies that target Muslim countries," Daniel said.
"Moreover, the attack was a payback for hacker attacks against nuclear plants in Muslim countries, according to a member of the hacking group who said, 'They hack our nuclear plants using STUXNET and FLAME-like malwares, they are bombing us 27*7, we can't sit silent -- hack to payback them.'"
Continued : http://www.securityweek.com/kosovo-group-claims-hack-us-weather-service
U.S. National Weather Service Hacked
National Weather Service website hacked by Kosova Hacker's Security